System for selecting a connectivity mechanism

ABSTRACT

An address resolver system that assists a node in an IPv6 network to select an address for connectivity with a node in an IPv4 network when both DSTM and NAT-PT transition mechanisms are available. Native connectivity can be achieved by preferring an encapsulation or tunnelling mechanism such as DSTM where possible over a translation mechanism such as NAT-PT. A range of encapsulation and translation mechanisms are envisaged. The resolver determines capabilities of the node and of the application that requires the address in order to make the selection.

FIELD OF THE INVENTION

This invention relates to systems suitable for use in computer networks undergoing the transition from IPv4 to IPv6, particularly but not only to a resolver system that assists a node in an IPv6 network to select an address for connectivity with a node in an IPv4 network when both DSTM and NAT-PT or similar transition mechanisms are available.

BACKGROUND TO THE INVENTION

A variety of transition mechanisms are proposed for migrating IP (Internet Protocol) networks from IPv4 to IPv6, including encapsulation or tunnelling systems such as DSTM (Dual Stack Transition Mechanism) and translation systems such as NAT-PT (Network Address Translation - Protocol Translation), SIIT (Stateless IP/ICMP Translator), BIS (Bump-in-the-Stack) and BIA (Bump-in-the-API). DSTM allows a node in an IPv6 network to communicate with a node in an IPv4 network by allocating the IPv6 node a temporary IPv4 address. NAT-PT enables translation of IPv4 addresses and packets into equivalent IPv6 addresses and packets, and vice versa. Management of IP addresses is generally carried out by DNS (Domain Name System) servers. All have been described in documents published by the IETF (Internet Engineering Task Force).

A growing number of Internet nodes contain dual stack applications that are capable of packet communication with other nodes using both IPv4 and IPv6. Each node also contains a resolver that obtains one or more IP addresses for a remote node when required by a local application. The resolver generally determines a remote address by way of a request transmitted through one or more DNS servers, being an A request for a record containing an IPv4 address or an AAAA request for a record containing an IPv6 address. An A6 request might also be used in relation to IPv6 addresses although AAAA requests are more likely to be deployed in practice. The application will usually ask for both kinds of address, and the DNS response along with capabilities of the local node generally determines which address will be used. However, current methods for selection of the address do not always provide the most efficient connectivity between the nodes.

For example, an application in an IPv6 node requests both IPv4 and IPv6 addresses of a target IPv4 node through the local resolver and DNS. If the target is bounded from the source by both NAT-PT and DSTM, then the resolver may list both an IPv6 version of the target native IPv4 address, produced by translation, and the actual IPv4 address returned for activation of DSTM. The source node or application may not have a system for selecting from the list other than simply to choose the first address that is presented or to follow a default algorithm. If the first address is the IPv6 version then connectivity between the source and the target will be established using the translation mechanism. If the first address is the actual IPv4 address then connectivity will be set up with DSTM.

Translation mechanisms are “best effort” but may result in loss of service specific information. Encapsulation mechanisms are generally preferred because native connectivity is possible. In the example above, the IPv6 node will communicate with the IPv4 node using a mechanism determined arbitrarily by whichever DNS response is presented first to the application. The most suitable mechanism is not generally determined before a connection between the nodes is set up.

SUMMARY OF THE INVENTION

It is an object of the invention to provide for improved address selection in IPv6 nodes that are able to communicate with IPv4 nodes by both DSTM and NAT-PT, or similar encapsulation and translation systems, or at least to provide an alternative to existing selection mechanisms. In general terms the address is selected in accord with capabilities of the IPv6 node and in a way that establishes native connectivity for communication with an IPv4 node if possible.

In one aspect the invention may broadly be said to consist in a method of selecting connectivity between a source node and a target node in an IP network, comprising: requesting at least one IP address for the target node, receiving two or more IP addresses for the target node, determining that one of the received addresses represents connectivity by encapsulation, determining that another of the received addresses represents connectivity by translation, and selecting the address that represents connectivity by encapsulation for communication between the nodes. Preferably the method also determines that the source node has a dual stack mechanism available and is capable of connectivity with IPv4 nodes by DSTM.

In another aspect the invention may be said to consist in a node in an IP network including: application layer components having different IP addressing capabilities for communication with components in other nodes, network layer components providing different IP addressing capabilities for the application layer components, and an address resolver component that determines the capabilities of both the application layer components and the network layer components, and selects IP addresses giving preference to encapsulation over translation wherever possible.

In another aspect the invention may be said to consist in an address selector for a node in an IP network, including: means for determining IP addressing capabilities of application and network layer components in the node, means for determining IP address characteristics of a remote node in the network with which the application components may communicate, means for determining a connectivity mechanism according to the capabilities of the components and characteristics of the remote node, and means for selecting addresses for the node and the remote node in order to optimise the connectivity mechanism.

In a further aspect the invention consists in a method of selecting connectivity at a node in an IP network, comprising: determining capability of the node for communication over the network by way of two or more connectivity mechanisms, obtaining two or more IP addresses for another node representing communication between nodes by way of at least two of the mechanisms, and selecting an address for each node and a mechanism for communication giving preference to encapsulation over translation where possible.

A node in this specification can be any device that implements IPv4 or IPv6 and is therefore capable of communicating with other devices over an IP based network either wired or wireless. It includes devices such as end user PCs (Personal Computers) and central servers, and anything commonly called an Internet host. Other terms in the specification are also to be interpreted broadly to include all equivalent devices and features.

LIST OF FIGURES

Preferred embodiments of the invention will be described with respect to the accompanying drawings, of which:

FIG. 1 shows a generalised network including IPv6 and IPv4 sub networks,

FIG. 2 shows component layers in a possible DSTM node according to the invention,

FIG. 3 outlines how the DNS resolver in FIG. 2 may determine a list of addresses for an application in the node,

FIG. 4 indicates how a dual stack application in a DSTM node may obtain both IPv6 and IPv4 addresses for a remote IPv4 node,

FIG. 5 outlines how the DNS resolver in FIG. 2 may select connectivity with a remote node preferring encapsulation over translation,

FIG. 6 is a table indicating preferred connectivity for communication of an IPv6 located node with an IPv4 node according to capabilities of the IPv6 node, and

FIG. 7 indicates how an IPv6 translated address created by NAT-PT may be identified.

DESCRIPTION OF PREFERRED EMBODIMENTS

Referring to the figures it will be appreciated that the invention can be implemented in a variety of ways on a variety of IPv6 nodes in the Internet or other computer network. This description is given by way of example only. Internet protocols and systems such as IPv4, IPv6, layer models, DNS, DSTM or other encapsulation mechanisms and NAT-PT or other translation mechanisms, will be understood by a skilled reader and need not be explained in detail.

FIG. 1 schematically shows the Internet 10 with several sub networks 11, 12, 13, 14 and 15. Each network may itself be a complex combination of component networks or domains that may be connected to the Internet in a variety of ways. Each network also generally has at least one DNS server 16 that holds resource records including IP addresses for local nodes, and responds to requests by both local and remote nodes, as generally known. Network 11 is IPv6 and implements at least one IPv6/IPv4 transition mechanism, particularly but not only DSTM, to enable communication with IPv4 nodes elsewhere. Network 14 is IPv4 and implements NAT-PT to enable communication with IPv6 nodes elsewhere. Network 12 is IPv6 and implements both DSTM and NAT-PT. Networks 13 and 15 are IPv4 and IPv6 respectively without necessarily having any particular transition mechanism. Each IPv6 network has at least one IPv6 node 18 and each IPv4 network has at least one IPv4 node 19.

Each IPv6 network in FIG. 1 that implements DSTM generally requires a separate address server 17 to hold a pool of IPv4 addresses for assignment to local IPv6 nodes, and maintains a record of each mapping for the duration of sessions between local and remote nodes. A DSTM border router or gateway 20 is also generally required for connection of the network to the Internet and may also be able to cache address mappings, for example. Each IPv6 node 18 that uses DSTM in network 11 generally requires a DSTM application that manages temporary assignments of IPv4 addresses to the node, and also a DTI (Dynamic Tunnelling Interface) system that encapsulates and decapsulates IPv4 packets within IPv6 packets for transmission and reception within the local network.

Networks in FIG. 1 that implement NAT-PT generally require at least a border router or gateway 21 capable of translating IPv4 addresses and packets into IPv6 addresses and packets. DSTM and NAT-PT routers are shown separately for network 12 but may be combined in a single device. These NAT-PT systems are generally bidirectional and may hold a pool of IP addresses for assignment to local nodes as required. They may also track the duration of each session between local and remote nodes. More complex translation systems such as NAPT-PT (Network Address Port Translation - Protocol Translation), perhaps including ALG (Application Layer Gateway) and a range of others, might also be implemented in the border router in some circumstances.

An IPv6 network in FIG. 1 may mix DSTM capable nodes that can temporarily be assigned an IPv4 address, and IPv6 only nodes that have no capability for temporary address allocation and must use a translator to communicate with IPv4 only nodes. Software applications in nodes of either type may have dual stack capability and thereby support both IPv6 and IPv4 communications. A typical dual stack application is likely to request both IPv6 and IPv4 addresses when attempting to communicate with a remote node. However, the application generally has no knowledge of the capabilities of the local IPv6 node and without control over DNS exchanges will not necessarily select a suitable address to establish the most efficient mechanism for connectivity. A typical DNS resolver in the IPv6 node will send both A and AAAA requests to the local DNS server and then return a list of possible addresses to the application, generally ordered according to their time of receipt.

FIG. 2 schematically indicates components of an IPv6 node system having DSTM capability and also a DNS resolver with address selection, such as node 18 in network 11 or 12 of FIG. 1. In this example the node has a range of IPv4, IPv6 and dual stack applications in an application layer 25, components for two common transport protocols TCP and UDP in a transport layer 26, and components for an Ethernet interface in a physical layer 27. Common applications provide virtual terminal (TELNET), file transfer (FTP) and email (SMTP) functions, for example, and may or may not be both IPv4 and IPv6 capable. Other applications, protocols and physical interfaces are also used in practice. Network layer 28 provides DSTM connectivity for the applications through IPv6 and IPv4 components, including a DTI system for encapsulation and decapsulation of IPv4 packets. In general terms, the network layer in an Internet node is responsible for creating and addressing IP packets, among other functions, and may or may not be both IPv4 and IPv6 capable.

The resolver system 30 in FIG. 2 is typically contained in a library 29 of components such as APIs (Application Programming Interfaces) that provide services to the applications. The resolver provides generally standard functions including sending and collecting DNS requests and responses, but also functions that are able to determine the node capability and process the DNS responses accordingly for address selection. A DSTM interface can be detected, for example, by inspecting the Windows Registry on a Microsoft system, or through ifconfig dti0 on a Unix system. These functions of the resolver could be spread over several components in other layers if required.

FIG. 3 indicates a process by which the resolver 30 in FIG. 2 may select addresses for an application from a collection of two or more IPv4 and IPv6 addresses generated by DNS exchanges and transition mechanisms. Address requests are received from the application in step 31 usually through an API such as getaddrinfo. DNS requests for resource records are then sent by the resolver in step 32, generally in any order depending on the order requests are received from the particular application. DNS responses are received in step 33 also in any order generally depending on the order in which corresponding requests were sent out, and usually limited by a time out period. Two or more addresses may be collected depending on details of the nodes and the various DNS exchange and transition mechanisms that are implemented by their networks. The resolver then determines transport capabilities of the node in step 34, detecting particularly whether a DSTM or other encapsulation interface is present and suitably configured. Alternatively, the node capabilities might be determined periodically or recorded when the resolver is set up. The configuration of an interface may change for various reasons and a fresh determination for each address request by an application is preferred. Characteristics of the DNS responses and the node capabilities are then used in step 35 to select and prepare a list of addresses that are transmitted to the application in step 36.

FIG. 4 shows how a dual stack application on the DSTM node system in FIG. 2 may obtain both IPv6 and IPv4 addresses for communication with a target node in an IPv4 network that is also bounded by NAT-PT. For example in FIG. 1, a source node 18 in network 11 may attempt communication with a target node 19 in network 14, or source node 18 in network 12 may attempt communication with a target node 19 in network 13. The application may first request an IPv6 address from the local resolver which in turn sends an AAAA request to the local DNSv6 server 16. The DNSv6 server sends the request on towards a DNSv4 server in the IPv4 network of the target node. The request is translated by a DNSv4/v6 interconnect device, typically a suitable border router such as the DSTM or NAT-PT router itself, into an A request and passed to the DNSv4 server. The DNS server provides an A response that is translated to an AAAA response before being sent back toward the source node in the IPv6 network. A translated address can be detected by the resolver in various ways such as described in relation to FIG. 7.

In FIG. 4, the application in the source IPv6 node then requests an IPv4 address for the target IPv4 node. The local resolver sends an A request to the local DNSv6 server which sends the request on towards a DNSv4 server in the IPv4 network of the target node. The DNS interconnect device relays the request to the DNSv4 server without need of translation and receives an A response in turn. The A response is sent back toward the source node being encapsulated by DSTM on the border of the IPv6 network. The resolver in the IPv6 node collects the AAAA and A responses and provides a list of possible addresses for the dual stack application. The list is ordered by a process in the resolver that generally prefers connectivity by DSTM ahead of connectivity by NAT-PT, and orders the addresses accordingly. More than two addresses may appear in the list depending on a range of circumstances of the source and target nodes. The application in the source node will generally attempt a connection to the target node using the first address on the list, then using second and any lower addresses for further attempts if necessary.

FIG. 5 indicates a possible decision process for step 35 in FIG. 3, by which the resolver 30 can create an address list from a collection of DNS requests and responses, for a range of application and node capabilities. An alternative approach might involve a lookup table. The resolver orders the list according to capabilities of the source node and capabilities of the application for which the list is being created. In this example, the source node is present in an IPv6 network and is seeking to communicate with a target node that may be either IPv4 or IPv6 capable, and bounded by a range of possible transition mechanisms. The source node is either IPv6 capable only, or has access to an encapsulation or tunnelling mechanism, specifically DSTM in this case although other mechanisms exist. A source node in an IPv4 network is not considered. The resolver generally determines the capability of the node by detecting one or more relevant interfaces in the node, or may be specifically provided with relevant data. The application may have IPv4, IPv6 or dual capability depending on a choice made by the developer, installer or operator of the particular software. The resolver generally determines the capability of the application by assessing the range of address requests that are received from the application, or again may be provided with relevant data. A request for an IPv4 address only, an IPv6 address only, or both IPv4 and IPv6 addresses indicates corresponding capability.

In FIG. 5, the resolver has a collection of IPv4 and IPv6 addresses to list in suitable order for an application on the source node. The resolver first determines in decision step 50 whether the node is IPv6 only or DSTM capable, and then in either of decision steps 51 and 52 whether the particular application for which the list is being prepared is IPv4, IPv6 or dual capable. An IPv4 only application on an IPv6 only node cannot communicate with any target node and DNS responses are dropped in step 53. An IPv6 only or dual stack application on an IPv6 only node can communicate only by IPv6 so the AAAA response, whether native from an IPv6 target, or translated from an IPv4 target, is placed first on the list in step 54. An IPv4 only application on a DSTM capable node can only communicate with an IPv4 target node using DSTM, so the A response is placed first in step 55, and the encapsulation mechanism is activated. An IPv6 only application on a DSTM capable node can communicate using either a native or translated address so the AAAA response is therefore placed first in step 56. A dual stack application on a DSTM capable node can communicate with a target node in several ways and an assessment of the IPv6 address is required in decision step 57. Native connectivity is preferred so that for communication with an IPv6 target the AAAA response is placed first in step 58. For communication with an IPv4 node the A response is placed first and the DSTM or other encapsulation mechanism is activated.

FIG. 6 summarises a special case of the process in FIG. 5 for applications with IPv4, IPv6 and dual stack capabilities, on a source node in an IPv6 network with IPv6 only or DSTM capability, seeking connection with an IPv4 target node. A translation mechanism such as NAT-PT is available so that the most suitable mode of connectivity between the nodes may not always be selected. Circumstances of this kind represent a common problem that will arise as IPv6 networks are implemented on the Internet. An IPv4 capable application can only communicate from a DSTM capable node or a node using some other encapsulation mechanism. An IPv6 application can communicate from IPv6 only or DSTM capable nodes by using translation. A dual stack application can also communicate from either node but uses DSTM and IPv4 where available for native connectivity.

FIG. 7 indicates how IPv6 addresses created by translation of IPv4 addresses may be identified by the resolver. This is one way to differentiate an IPv6 address created by NAT-PT, from a native IPv6 address used by an IPv6 node, and could be used to enable the decision in step 57 of FIG. 5. The lengths of IPv4 and IPv6 addresses are 32 and 128 bits respectively. An IPv4 address is readily contained by an IPv6 address along with a translation identifier, such as a NAT-PT specific identifier. At least 64 bits are normally required for IPv6 routing information leaving 32 bits for the identifier. A translation identifier could be prescribed for all NAT-PT devices so that addresses created by a NAT-PT device can be determined. Each IPv6 node is configured with or discovers the identifiers for translators of one or more kinds.

In FIG. 7 the translator identifier is added by the translator. A possible alternative would be to pre-configure a relevant translator identifier into each IPv4 node. The former is more manageable for large or growing IPv6 networks. The latter is preferable for smaller networks.
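The FIG. 5 ordering and the FIG. 7 identifier check can be combined in one resolver routine. The following Python sketch is an added illustration, not code from the specification; the address layout (64 routing bits, 32 identifier bits, 32 IPv4 bits), the identifier value, the function names and the sample addresses are all assumptions made for the example.

```python
import ipaddress
from typing import FrozenSet, Iterable, List, NamedTuple, Optional

# Assumed layout, following the FIG. 7 description: 64 bits of routing
# information, a 32-bit translator identifier, then the 32-bit IPv4 address.
# The identifier value is a constructed sample, not a prescribed constant.
NATPT_IDENTIFIERS: FrozenSet[int] = frozenset({0x4E415450})

# Constructed sample DNS answers (documentation address ranges).
TARGET_V4 = "192.0.2.5"                            # A response
TRANSLATED_V6 = "2001:db8:0:1:4e41:5450:c000:205"  # AAAA produced by translation
NATIVE_V6 = "2001:db8:2::10"                       # AAAA of a native IPv6 target


class Selection(NamedTuple):
    addresses: List[str]   # ordered list handed to the application
    activate_dstm: bool    # True when an IPv4 address was placed first


def translated_ipv4(address: str,
                    identifiers: FrozenSet[int] = NATPT_IDENTIFIERS) -> Optional[str]:
    """Return the embedded IPv4 address if the IPv6 address carries a
    configured translator identifier, otherwise None."""
    addr = ipaddress.ip_address(address)
    if addr.version != 6:
        return None
    value = int(addr)
    if (value >> 32) & 0xFFFFFFFF in identifiers:
        return str(ipaddress.IPv4Address(value & 0xFFFFFFFF))
    return None


def select_addresses(responses: Iterable[str], requested: Iterable[str],
                     dstm_capable: bool) -> Selection:
    """Order collected DNS answers following decision steps 50 to 58.

    requested holds the record types the application asked for ("A",
    "AAAA"); the application capability is inferred from it.
    """
    requested = set(requested)
    app_v4, app_v6 = "A" in requested, "AAAA" in requested
    if not (app_v4 or app_v6):
        raise ValueError("application requested neither A nor AAAA records")

    parsed = [ipaddress.ip_address(r) for r in responses]
    v4 = [str(a) for a in parsed if a.version == 4]
    v6 = [str(a) for a in parsed if a.version == 6]

    if not dstm_capable:                      # step 50: IPv6 only node
        if not app_v6:
            return Selection([], False)       # step 53: responses dropped
        return Selection(v6 + v4, False)      # step 54: AAAA first
    if not app_v6:
        return Selection(v4 + v6, bool(v4))   # step 55: A first, DSTM on
    if not app_v4:
        return Selection(v6 + v4, False)      # step 56: AAAA first

    # Step 57: dual stack application on a DSTM capable node.
    native = [a for a in v6 if translated_ipv4(a) is None]
    translated = [a for a in v6 if translated_ipv4(a) is not None]
    if native:                                # step 58: native IPv6 target
        return Selection(native + v4 + translated, False)
    # IPv4 target: encapsulation address ahead of the translated one.
    return Selection(v4 + translated, bool(v4))
```

With the sample answers, a dual stack application on a DSTM capable node receives the IPv4 address ahead of the translated IPv6 address, while the same application on an IPv6 only node receives the translated address first.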

1. A method of selecting connectivity between a source node and a target node in an IP network, comprising: requesting at least one IP address for the target node, receiving two or more IP addresses for the target node, determining that one of the received addresses represents connectivity by encapsulation, determining that another of the received addresses represents connectivity by translation, and selecting the address that represents connectivity by encapsulation for communication between the nodes.
2. A method according to claim 1 further comprising: determining that the source node has a dual stack mechanism available and is capable of connectivity with IPv4 nodes by DSTM.
3. A method according to claim 1 further comprising: requesting both IPv4 and IPv6 addresses for the target node and receiving IPv4 and IPv6 addresses indicating connectivity is possible by DSTM or translation respectively.
4. A method according to claim 1 wherein the source node has dual stack and DSTM capability and the IP network is IPv6 only.
5. A method according to claim 1 wherein an address representing connectivity by translation is determined according to a translation identifier within the address.
6. A method according to claim 1 wherein encapsulation involves DSTM and translation involves NAT-PT.
7. A method according to claim 1 wherein selecting the address representing connectivity by encapsulation includes placing the address first on a list of addresses.
8. A node in an IP network including: application layer components having different IP addressing capabilities for communication with components in other nodes, network layer components providing different IP addressing capabilities for the application layer components, and an address resolver component that determines the capabilities of both the application layer components and the network layer components, and selects IP addresses giving preference to encapsulation over translation wherever possible.
9. A node according to claim 8 wherein the address resolver component determines the network layer capabilities by checking for existence of known interfaces within the network layer and determines the application layer capabilities by analysing address requests made by application layer components.
10. An address selector for a node in an IP network, including: means for determining IP addressing capabilities of application and network layer components in the node, means for determining IP address characteristics of a remote node in the network with which the application components may communicate, means for determining a connectivity mechanism according to the capabilities of the components and characteristics of the remote node, and means for selecting addresses for the node and the remote node in order to optimise the connectivity mechanism.
11. An address selector according to claim 10 wherein the means for determining IP addressing capabilities of the application and network layer components monitors DNS records and network layer interfaces.
12. An address selector according to claim 10 wherein the means for determining IP address characteristics of the remote node determines a translated IPv4 address for the remote node by way of an identifier in an IPv6 address.
13. An address selector according to claim 10 wherein the means for selecting addresses for the node and the remote node optimises the connectivity mechanism by giving preference to DSTM over NAT-PT mechanisms wherever possible.
14. An address selector according to claim 10 wherein the means for selecting addresses creates ordered lists of addresses for the application layer components.
15. A method of selecting connectivity at a node in an IP network, comprising: determining capability of the node for communication over the network by way of two or more connectivity mechanisms, obtaining two or more IP addresses for another node representing communication between nodes by way of at least two of the mechanisms, and selecting an address for each node and a mechanism for communication giving preference to encapsulation over translation where possible.
16. A method according to claim 15 wherein determining capability for a connectivity mechanism includes detecting the presence of one or more dedicated interfaces in network layer components of the node.
17. A method according to claim 15 wherein determining capability for a connectivity mechanism includes detecting capability of one or more application layer components of the node.
18. A method according to claim 15 wherein one of the connectivity mechanisms involves encapsulation by a method such as DSTM and another involves translation by a method such as NAT-PT.
19. A method according to claim 15 wherein determining capability for a connectivity mechanism includes analysing DNS communications when obtaining the IP addresses.
20. A method according to claim 15 further comprising selecting DSTM where the node is DSTM capable and the other node has an IPv4 address.
21. A method according to claim 15 further comprising creating an ordered list of addresses with an encapsulation address ahead of a translation address.